Juniper Firewall da DIP’de( Deep inspection) uzantı kısıtlama

Örnek bir kodu aşağıda veriyorum . Ancak kontrol etmenizde yarar var belki içerisinde istemediğiniz bir takım dosya uzantularıda olabilir

Kaynak ; Nezih Kılınç

set attack “CS:File_torrent” http-url “.*\.bittorrent.*” severity 2

set attack “CS:file_mswmm” http-url “.*\.mswmm.*” severity 2

set attack “CS:file_cpio” http-url “.*\.cpio.*” severity 2

set attack “CS:file_htaccess” http-url “.*\.htaccess.*” severity 2

set attack “CS:file_mpeg” http-url “.*\.mpeg.*” severity 2

set attack “CS:file_tbz2” http-url “.*\.tbz2.*” severity 2

set attack “CS:File_Mpeg” http-url “.*\.mpeg.*” severity high

set attack “CS:file_divx” http-url “.*\.divx.*” severity 2

set attack “CS:flashget” http-url “.*\.fb!.*” severity high

set attack “CS:File_MP3” http-url “.*\.mp3.*” severity high

set attack “CS:File_AVI” http-url “.*\.avi.*” severity high

set attack group “CS:File_GRP”

set attack “CS:File_RAR” http-url “.*\.rar.*” severity high

set attack “CS:file_ac3” http-url “.*\.ac3.*” severity 2

set attack “CS:file_ace” http-url “.*\.ace.*” severity 2

set attack “CS:file_aim” http-url “.*\.aim.*” severity 2

set attack “CS:file_alz” http-url “.*\.alz.*” severity 2

set attack “CS:file_app” http-url “.*\.app.*” severity 2

set attack “CS:file_arc” http-url “.*\.arc.*” severity 2

set attack “CS:file_ari” http-url “.*\.ari.*” severity 2

set attack “CS:file_avi” http-url “.*\.avi.*” severity 2

set attack “CS:file_cvs” http-url “.*\.cvs.*” severity 2

set attack “CS:file_db2” http-url “.*\.db2.*” severity 2

set attack “CS:file_deb” http-url “.*\.deb.*” severity 2

set attack “CS:file_dvd” http-url “.*\.dvd.*” severity 2

set attack “CS:file_dvi” http-url “.*\.dvi.*” severity 2

set attack “CS:file_hex” http-url “.*\.hex.*” severity 2

set attack “CS:file_iso” http-url “.*\.iso.*” severity 2

set attack “CS:file_mpe” http-url “.*\.mpe.*” severity 2

set attack “CS:file_mpg” http-url “.*\.mpg.*” severity 2

set attack “CS:file_msg” http-url “.*\.msg.*” severity 2

set attack “CS:file_psd” http-url “.*\.psd.*” severity 2

set attack “CS:file_qt” http-url “.*\.qt.*” severity 2

set attack “CS:file_r00” http-url “.*\.r00.*” severity 2

set attack “CS:file_r01” http-url “.*\.r01.*” severity 2

set attack “CS:file_r02” http-url “.*\.r02.*” severity 2

set attack “CS:file_r03” http-url “.*\.r03.*” severity 2

set attack “CS:file_rar” http-url “.*\.rar.*” severity 2

set attack “CS:file_raw” http-url “.*\.raw.*” severity 2

set attack “CS:file_reg” http-url “.*\.reg.*” severity 2

set attack “CS:file_rpm” http-url “.*\.rpm.*” severity 2

set attack “CS:file_s00” http-url “.*\.s00.*” severity 2

set attack “CS:file_s01” http-url “.*\.s01.*” severity 2

set attack “CS:file_s02” http-url “.*\.s02.*” severity 2

set attack “CS:file_tar” http-url “.*\.tar.*” severity 2

set attack “CS:file_tex” http-url “.*\.tex.*” severity 2

set attack “CS:file_zoo” http-url “.*\.zoo.*” severity 2

set attack “CS:file_zz” http-url “.*\.zz.*” severity 2

set attack “CS:file_wma” http-url “.*\.wma.*” severity 2

set attack “CS:file_wmv” http-url “.*\.wmv.*” severity 2

set attack “CS:file_wms” http-url “.*\.wms.*” severity 2

set attack “CS:file_wav” http-url “.*\.wav.*” severity 2

set attack group “CS:File_GRP” add “CS:File_Mpeg”

set attack group “CS:File_GRP” add “CS:File_MP3”

set attack group “CS:File_GRP” add “CS:File_AVI”

set attack group “CS:File_GRP” add “CS:File_RAR”

set attack group “CS:File_GRP” add “CS:file_mswmm”

set attack group “CS:File_GRP” add “CS:file_cpio”

set attack group “CS:File_GRP” add “CS:file_htaccess”

set attack group “CS:File_GRP” add “CS:file_mpeg”

set attack group “CS:File_GRP” add “CS:file_tbz2”

set attack group “CS:File_GRP” add “CS:file_divx”

set attack group “CS:File_GRP” add “CS:file_ac3”

set attack group “CS:File_GRP” add “CS:file_ace”

set attack group “CS:File_GRP” add “CS:file_aim”

set attack group “CS:File_GRP” add “CS:file_alz”

set attack group “CS:File_GRP” add “CS:file_app”

set attack group “CS:File_GRP” add “CS:file_arc”

set attack group “CS:File_GRP” add “CS:file_ari”

set attack group “CS:File_GRP” add “CS:file_avi”

set attack group “CS:File_GRP” add “CS:file_cvs”

set attack group “CS:File_GRP” add “CS:file_db2”

set attack group “CS:File_GRP” add “CS:file_deb”

set attack group “CS:File_GRP” add “CS:file_dvd”

set attack group “CS:File_GRP” add “CS:file_dvi”

set attack group “CS:File_GRP” add “CS:file_hex”

set attack group “CS:File_GRP” add “CS:file_iso”

set attack group “CS:File_GRP” add “CS:file_mpe”

set attack group “CS:File_GRP” add “CS:file_mpg”

set attack group “CS:File_GRP” add “CS:file_msg”

set attack group “CS:File_GRP” add “CS:file_psd”

set attack group “CS:File_GRP” add “CS:file_qt”

set attack group “CS:File_GRP” add “CS:file_r00”

set attack group “CS:File_GRP” add “CS:file_r01”

set attack group “CS:File_GRP” add “CS:file_r02”

set attack group “CS:File_GRP” add “CS:file_r03”

set attack group “CS:File_GRP” add “CS:file_raw”

set attack group “CS:File_GRP” add “CS:file_reg”

set attack group “CS:File_GRP” add “CS:file_rpm”

set attack group “CS:File_GRP” add “CS:file_s00”

set attack group “CS:File_GRP” add “CS:file_s01”

set attack group “CS:File_GRP” add “CS:file_s02”

set attack group “CS:File_GRP” add “CS:file_tar”

set attack group “CS:File_GRP” add “CS:file_tex”

set attack group “CS:File_GRP” add “CS:file_zoo”

set attack group “CS:File_GRP” add “CS:file_zz”

set attack group “CS:File_GRP” add “CS:file_wma”

set attack group “CS:File_GRP” add “CS:file_wmv”

set attack group “CS:File_GRP” add “CS:file_wms”

set attack group “CS:File_GRP” add “CS:file_wav”

set attack group “CS:File_GRP” add “CS:File_torrent”

set attack group “CS:File_GRP” add “CS:flashget”

set attack db sigpack base